Package org.opennms.protocols.radius.springsecurity

Class RadiusAuthenticationProvider

  • All Implemented Interfaces:
    org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider
    public class RadiusAuthenticationProvider
extends org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
    An org.springframework.security.providers.AuthenticationProvider implementation that provides integration with a Radius server.
    Author:
    Paul Donohue

    • Field Summary

      • Fields inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

        hideUserNotFoundExceptions, logger, messages

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void additionalAuthenticationChecks​(org.springframework.security.core.userdetails.UserDetails userDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken token)
      protected void doAfterPropertiesSet()
      doAfterPropertiesSet
      protected org.springframework.security.core.userdetails.UserDetails retrieveUser​(String username, org.springframework.security.authentication.UsernamePasswordAuthenticationToken token)
      void setAuthTypeClass​(Class<? extends net.jradius.client.auth.RadiusAuthenticator> authTypeClass)
      Sets the authenticator, which determines the authentication type (PAP, CHAP, etc)
      void setDefaultRoles​(String defaultRoles)
      Sets the default authorities (roles) that should be assigned to authenticated users
      void setPort​(int port)
      Sets the port number the radius server is listening on
      void setRetries​(int retries)
      Sets the number of times to retry a timed-out authentication request
      void setRolesAttribute​(String rolesAttribute)
      Sets the name of a radius attribute to be returned by the radius server with a comma-separated list of authorities (roles) to be assigned to the user If this is not set, or if the specified attribute is not found in the reply from the radius server, defaultRoles will be used to assign roles If JRadius's built-in attribute dictionary does not contain the desired attribute name, use "Unknown-VSAttribute(:)"
      void setTimeout​(int timeout)
      Sets the authentication timeout (in seconds)

      • Methods inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

        afterPropertiesSet, authenticate, createSuccessAuthentication, getPostAuthenticationChecks, getPreAuthenticationChecks, getUserCache, isForcePrincipalAsString, isHideUserNotFoundExceptions, setAuthoritiesMapper, setForcePrincipalAsString, setHideUserNotFoundExceptions, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setUserCache, supports

    • Constructor Detail

      • RadiusAuthenticationProvider

        public RadiusAuthenticationProvider​(String server,
                                    String sharedSecret)
        Create an instance using the supplied server and shared secret.
        Parameters:
        server - a String object.
        sharedSecret - a String object.

    • Method Detail

      • doAfterPropertiesSet

        protected void doAfterPropertiesSet()
                             throws Exception

        doAfterPropertiesSet

        Overrides:
        doAfterPropertiesSet in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
        Throws:
        Exception - if any.

      • setPort

        public void setPort​(int port)
        Sets the port number the radius server is listening on
        Parameters:
        port - (defaults to 1812)

      • setTimeout

        public void setTimeout​(int timeout)
        Sets the authentication timeout (in seconds)
        Parameters:
        timeout - (defaults to 5)

      • setRetries

        public void setRetries​(int retries)
        Sets the number of times to retry a timed-out authentication request
        Parameters:
        retries - (defaults to 3)

      • setAuthTypeClass

        public void setAuthTypeClass​(Class<? extends net.jradius.client.auth.RadiusAuthenticator> authTypeClass)
        Sets the authenticator, which determines the authentication type (PAP, CHAP, etc)
        Parameters:
        authTypeClass - An instance of net.jradius.client.auth.RadiusAuthenticator (defaults to PAPAuthenticator)

      • setDefaultRoles

        public void setDefaultRoles​(String defaultRoles)
        Sets the default authorities (roles) that should be assigned to authenticated users
        Parameters:
        defaultRoles - comma-separated list of roles (defaults to "ROLE_USER")

      • setRolesAttribute

        public void setRolesAttribute​(String rolesAttribute)
        Sets the name of a radius attribute to be returned by the radius server with a comma-separated list of authorities (roles) to be assigned to the user If this is not set, or if the specified attribute is not found in the reply from the radius server, defaultRoles will be used to assign roles If JRadius's built-in attribute dictionary does not contain the desired attribute name, use "Unknown-VSAttribute(:)"
        Parameters:
        rolesAttribute - a String object.

      • additionalAuthenticationChecks

        protected void additionalAuthenticationChecks​(org.springframework.security.core.userdetails.UserDetails userDetails,
                                              org.springframework.security.authentication.UsernamePasswordAuthenticationToken token)
                                       throws org.springframework.security.core.AuthenticationException
        Specified by:
        additionalAuthenticationChecks in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
        Throws:
        org.springframework.security.core.AuthenticationException

      • retrieveUser

        protected org.springframework.security.core.userdetails.UserDetails retrieveUser​(String username,
                                                                                 org.springframework.security.authentication.UsernamePasswordAuthenticationToken token)
                                                                          throws org.springframework.security.core.AuthenticationException
        Specified by:
        retrieveUser in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
        Throws:
        org.springframework.security.core.AuthenticationException